"ShowAcls.exe is a 32-bit command-line tool that displays NTFS permissions for files and directories. The tool enumerates the local and global groups to which a user belongs and matches the user's security identifier (SID) and the SIDs of the groups to which the user belongs against the SIDs in each access control entry (ACE)."
The syntax is:
showacls \[/s\] \[/u:domain\user\] \[filespec\]
/s includes sub-folders.
/u:domain\user will enumerate the permissions for a local or domain user or group.
filespec is a folder or file object.